<?php
	require_once 'php_includes.php';
	//require_once 'admin_options.php';
	
	$start_entries = 1;
	$num_entries = 30;
	$event_limit = -1;
	$user_limit = '';
	$loc_limit = '';
	$timeStart = 0;
	$timeEnd = 0;
	
	
	//This function handles pruning the logs based on days passed in
	if($_POST['action'] == "prune")
	{
		if((int)$_POST['prunedate'] >= 0 )
		{
			$sql = "DELETE FROM DBLog WHERE EventTime < DATE_SUB(NOW(),INTERVAL ". (int)$_POST['prunedate'] . " DAY)";
			sqlConnect();
			sqlQueryNoLog($sql);
			sqlExit();	
		}
	}
	else if($_POST['action'] == "delete")
	{
		//This handles deletion
		if($_POST['lognum'])
		{
			$checkbox = $_POST['lognum'];
			$sql = "DELETE FROM DBLog WHERE LogEntry IN (";
			$first = 0;
			while (list ($key,$val) = @each ($checkbox)) 
			{
				if($first != 0)
				{
					$sql = $sql . ", ";
				}
				else
				{
				$first = 1;
				}
				
				$sql = $sql . $val;
			}
			
			$sql = $sql . ")";
			
			sqlConnect();
			sqlQuery($sql);
			sqlExit();
		}		
	}

	//
	if($_POST['start'])
	{
		if($_POST['start'] > 0 )
		{
			$start_entries = (int)$_POST['start'];
		}
	}
	
	//
	if($_POST['amount'])
	{
		if($_POST['amount'] >= 0)
		{
			$num_entries = ((int)$_POST['amount']);
		}
	}
	
	$sql = "SELECT * FROM DBLog ";
	if($_POST['user'] != '' || $_POST['location'] != '' || ($_POST['events'] && (((int)$_POST['events']) >= 0 && ((int)$_POST['events']) <= 6)))
	{
		
		$previous = 0;
		
		$sql = $sql . "WHERE";
		//
		if($_POST['events'])
		{
			if(((int)$_POST['events']) >= 1 && ((int)$_POST['events']) <= 7)
			{
				$previous = 1;
				$event_limit = (int)$_POST['events'];
				$sql = $sql . " Event = " . ($event_limit - 1);
			}
		}
		
		//
		if(trim($_POST['user']) != '')
		{
			$user_limit = $_POST['user'];
			if($previous == 1)
			{
				$sql = $sql . " AND";
			}
			$previous = 1;
			$sql = $sql . " User LIKE '%" . $user_limit . "%'";
		}
		
		//
		if(trim($_POST['location']) != '')
		{
			$loc_limit = $_POST['location'];
			if($previous == 1)
			{
				$sql = $sql . " AND";
			}
			$previous = 1;
			
			$sql = $sql . " CallingPage LIKE '%" . $loc_limit . "%'";
		}
	}
	$count = $sql;
	$sql = $sql . " ORDER BY EventTime DESC LIMIT " . ($start_entries - 1) . ", " . $num_entries;
	
	
	sqlConnect();
	$results = sqlQueryNoLog($sql);
	$countresults = sqlQueryNoLog($count);
	sqlExit();	
	
	$num_rows = mysql_num_rows($results);
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

  <head>
    <title>Payroll and Timesheet Management Website</title>
    <link rel="stylesheet" type="text/css" href="styles.css"/>
	<script type="text/javascript" src="jsfunctions.js"></script>
  </head>
  <body>
  
	<?php writeHeader(); ?>
	<p>
	<span class="pageheader">Database access logs</span>
	</p><br />
	<?php
	
	echo "<form action=\"adminlogs.php\" method=\"post\" name=\"filters\">";
	echo "<p>";
	echo "<input type=\"hidden\" name=\"action\" value=\"filter\"/>";
	echo "<b>Filter events:</b> <br/>";
	echo "Filter event type: <select name=\"events\">";
	echo "<option value=\"0\"";
	if($event_limit == 0) { echo "selected=\"selected\""; }
	echo ">All</option><option value=\"1\"";
	if($event_limit == 1) { echo "selected=\"selected\""; }
	echo ">Login</option><option value=\"2\"";
	if($event_limit == 2) { echo "selected=\"selected\""; }
	echo ">Logout</option><option value=\"3\"";
	if($event_limit == 3) { echo "selected=\"selected\""; }
	echo ">Select</option><option value=\"4\"";
	if($event_limit == 4) { echo "selected=\"selected\""; }
	echo ">Insert</option><option value=\"5\"";
	if($event_limit == 5) { echo "selected=\"selected\""; }
	echo ">Update</option><option value=\"6\"";
	if($event_limit == 6) { echo "selected=\"selected\""; }
	echo ">Delete</option><option value=\"7\"";
	if($event_limit == 7) { echo "selected=\"selected\""; }
	echo ">Unknown</option></select><br/>";
	echo "Filter by user: <input type=\"text\" name=\"user\" value=\"" . $user_limit . "\" /><br/>";
	echo "Filter location of call: <input type=\"text\" name=\"location\" value=\"" . $loc_limit . "\" /><br/>";
	echo "Show <input type=\"text\" name=\"amount\" value=\"" .  $num_entries . "\" size=\"2\"/> results starting from event <input type=\"text\" name=\"start\" value=\"" . $start_entries . "\" size=\"2\"/> sorted by most recent out of ";
	echo mysql_num_rows($countresults);
	echo " entries<br/>";
	echo "<input type=\"submit\"  class=\"button\" value=\"Filter Results\"/>";
	echo "</p>";
	echo "</form>";
	?>
	
	<form name="logentries" action="adminlogs.php" method="POST">
	<div>
	<input type="hidden" name="action" value="delete"/>
	<?php
	if($admin_allow_log_delete == 1)
	{
		echo "<input type=\"submit\"  class=\"button\" value=\"Delete\"/>\n";
	}
	?>
	<table class="full">
	<?php
	if($admin_allow_log_delete == 1)
	{
		echo "<th class=\"selectall\"><input type=\"checkbox\" name=\"selectall\" onClick=\"checkAll('logentries', 'lognum[]', this)\"/></th>\n";
	}
	?>
	
	<th class="log">User</th><th class="log">Event</th><th class="log">Time</th><th class="log">Location of Query</th><th class="log">Query Performed</th>
	<?php	
	//Show the results
	$odd = 0;
	
	for($i = 0; $i < $num_rows; ++$i)
	{
		$data = mysql_fetch_row($results);
		
		if($odd == 1)
		{
			$odd = 0;
			echo "	<tr class=\"even\">\n";
		}
		else
		{
			$odd = 1;
			echo "	<tr class=\"odd\">\n";
		}
		if($admin_allow_log_delete == 1)
		{
		echo "<td class=\"view\"><input type=\"checkbox\" name=lognum[] value=\"" . $data[0] . "\"/></td>";
		}
		echo "<td class=\"record\">" . $data[1] . "</td><td class=\"record\">";
		
		//events:
		// 0 login
		// 1 logout
		// 2 select
		// 3 insert
		// 4 update
		// 5 delete
		// 6 unknown
		switch($data[5])
		{
			case 0:
			echo "Login";
			break;
			case 1:
			echo "Logout";
			break;
			case 2:
			echo "Select";
			break;
			case 3:
			echo "Insert";
			break;
			case 4:
			echo "Update";
			break;
			case 5:
			echo "Delete";
			break;
			default:
			echo "Unknown";
		}
		
		echo "</td><td class=\"record\">" . $data[4] . "</td><td class=\"record\">" . $data[3] . "</td><td class=\"record\">" . $data[6] . "</td></tr>\n";
	}
	
	?>
	</table>
	</div>
	</form>
	
	<?php
	if($admin_allow_log_prune == 1)
	{
		echo "<form action=\"adminlogs.php\" method=\"post\">\n";
		echo "<p>\n";
		echo "<input type=\"hidden\" name=\"action\" value=\"prune\"/>\n";
		echo "<b>Prune Logs:</b><br/>\n";
		echo "Delete all entries older than <input type=\"text\" name=\"prunedate\" size=\"4\" value=\"30\" /> days.<br/><input type=\"submit\"  class=\"button\" value=\"Prune\"/>\n";
		echo "</p>\n";
		echo "</form>\n";
	}
	?>
  </body>
</html>